Total
3690 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2886 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)." | |||||
| CVE-2012-2895 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | |||||
| CVE-2013-0910 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 25.0.1364.152 does not properly manage the interaction between the browser process and renderer processes during authorization of the loading of a plug-in, which makes it easier for remote attackers to bypass intended access restrictions via vectors involving a blocked plug-in. | |||||
| CVE-2012-2875 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 22.0.1229.79 allow remote attackers to have an unknown impact via a crafted document. | |||||
| CVE-2010-2302 | 3 Google, Opensuse, Suse | 4 Chrome, Opensuse, Suse Linux Enterprise Desktop and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771. | |||||
| CVE-2011-1450 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | |||||
| CVE-2012-5136 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document. | |||||
| CVE-2011-1123 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors. | |||||
| CVE-2011-1293 | 3 Apple, Debian, Google | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3104 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-3910 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-3389 | 9 Canonical, Debian, Google and 6 more | 17 Ubuntu Linux, Debian Linux, Chrome and 14 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. | |||||
| CVE-2013-2924 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-1228 | 1 Google | 1 Chrome | 2025-04-11 | 10.0 HIGH | N/A |
| Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors. | |||||
| CVE-2011-3033 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 7.5 HIGH | N/A |
| Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3113 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an unspecified variable during handling of color spaces, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | |||||
| CVE-2013-2885 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript events in the presence of a multiple-fields input type. | |||||
| CVE-2012-5122 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 23.0.1271.64 does not properly perform a cast of an unspecified variable during handling of input, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2012-2874 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 7.5 HIGH | N/A |
| Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883. | |||||
| CVE-2011-1808 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to incorrect integer calculations during float handling. | |||||